Platform SecOps Engineer

Job Title: Platform SecOps Engineer

Experience: 79 Years
Location: Pakistan - Hybrid (UAE Business Hours)
Employment Type: Full-Time

Job Summary

We are seeking a hands-on Platform SecOps Engineer to implement and operate security controls across hybrid and on-premises infrastructure for a large enterprise customer in the UAE. This role is responsible for platform hardening security tooling operations (SIEM/EDR/CSPM) vulnerability remediation and incident response support ensuring alignment with ISO 27001 SOC 2 PIC/DSS and/or other compliance requirements as per customer business needs.

Key Responsibilities

• Operate and continuously improve security controls across hybrid and on-prem platforms (compute virtualization OS network services)
• Administer and tune security tooling including SIEM EDR and CSPM; drive alert quality improvements and reduce noise
• Implement and enforce secure configuration baselines (CIS or equivalent) hardening standards and patching/upgrade coordination
• Manage security logging strategy: log onboarding parsing normalization correlation rules dashboards and alerting use-cases
• Perform vulnerability scanning exposure management and remediation tracking with clear SLAs and risk-based prioritization
• Support incident response activities (triage containment support evidence collection escalation) and post-incident improvements
• Strengthen identity and access controls for platform administration (least privilege privileged access patterns access reviews)
• Maintain security runbooks SOPs and operational documentation; contribute to audit evidence preparation for ISO 27001/SOC 2 etc.
• Collaborate with infrastructure and operations teams to embed security into day-to-day BAU including change management and release windows

Required Skills & Qualifications

• 79 years of experience in Platform Security / SecOps / Infrastructure Security
• Strong hands-on experience operating SIEM EDR and CSPM platforms in production environments
• Practical expertise in Linux/Windows hardening endpoint/server security and baseline enforcement
• Solid understanding of vulnerability management lifecycle (scan triage remediation verification)
• Exposure to hybrid/on-prem environments including virtualization (VMware/Hyper-V) and core network security fundamentals
• Ability to write clear runbooks and work effectively across operations infrastructure and security stakeholders

Preferred Certifications

• CompTIA Security CySA
• CISSP or CISM

PCI DSS / Payment Security:

• PCIP (ISA) PCI Professional (Internal Security Assessor)
• Qualified Security Assessor (QSA) (where applicable/available)

Audit / Compliance:

• CISA (especially valuable for controls testing and evidence)

Cloud Security:

• AWS Certified Security Specialty
• AWS Certified Solutions Architect Associate or Professional
• Microsoft Azure Security Engineer Associate (AZ-500)
• Microsoft Azure Solutions Architect Expert (AZ-305)

Good to Have

• Experience supporting telecom government or regulated environments
• Working knowledge of ISO 27001 SOC 2 PCI/DSS evidence collection and operational controls
• Scripting/automation skills (Python Bash PowerShell) for operational efficiency